Eamonn O'Brien-Strain

LinkedIn

Over the years I've done a lot of programming for my own amusement or education. I've put these together on my main GitHub pages site at

https://eobrain.github.io/

Putting together only the ones that currently work, I was able to list eighteen, but I may be able to add some more if I can manage to revive several more repos using now obsolete frameworks and build systems.

To give a flavor of what's there, below are some videos and screenshots. See the above link for more details of any of them.

almondbread

videotimewarp

warp

flife

videogestalt

supersekrit

tootgeist

bajel

maxichrome

mergi

tufte

smoothish

funetik

ez-html-elements

passprint

funcgo

simplestblog

hexhistorymap

Here's a cheat sheet that you can use to determine what language you are looking at:

Language Phenotype Tree

This is only for European languages that use a Latin-based alphabet.

It was adapted from the original diagram What European language am I reading? European language flowchart by mel_afefon which was based on What European language am I reading? A flow chart by @oysteib@masto.ai .

I call this a “phenotype” tree because it represents the visual appearance of the languages, and is distinct from the true tree of how these languages are related. Some languages are close to one another in this phenotype tree because they borrowed alphabets from neighboring or hegemonic languages, despite being from very different language families.

Appendix

For reference, non-English letters in the above diagram:

Name Unicode
à A with grave U+00E0
â A with circumflex U+00E2
ã A with tilde U+00E3
ä A with diaeresis U+00E4
å A with ring above U+00E5
ǎ A with caron U+01CE
æ Æ U+00E6
ç C with cedilla U+00E7
ć C with acute U+0107
ĉ C with circumflex U+0109
ċ C with dot above U+010B
č C with caron U+010D
ð Eth U+00F0
đ D with stroke U+0111
è E with grave U+00E8
é E with acute U+00E9
ë E with diaeresis U+00EB
ĕ E with breve U+0115
ė E with dot above U+0117
ę E with cedilla U+0229
ə Schwa U+0259
ĝ G with circumflex U+011D
ğ G with breve U+011F
ğ G with breve U+011F
ġ G with dot above U+0121
ħ H with stroke U+0127
ì I with grave U+00EC
ñ N with tilde U+00F1
ŋ Eng U+014B
ö O with diaeresis U+00F6
ø O with stroke U+00F8
ō O with macron U+014D
ő O with double acute U+0151
ř R with caron U+0159
ś S with acute U+015B
ŝ S with circumflex U+015D
ş S with cedilla U+015F
ß sharp S U+00DF
ţ T with cedilla U+0163
ŧ T with stroke U+0167
ü U with diaeresis U+00FC
ū U with macron U+016B
ů U with ring above U+016F
ű U with double acute U+0171
Ŵ W with circumflex U+0174
ź Z with acute U+017A
Ż Z with dot above U+017B

There are many trust and safety challenges in the new generative AI technologies, but there is one area where they could increase trust and user empowerment. These technologies provide an opportunity to offer the kind of transparency that will allow meaningful control of how people use complex online systems, including control of privacy.

This opportunity comes from two observations: (1) that the biggest problem in privacy is explaining to the user how their data is used, and (2) that one of the notable abilities of LLMs (large language models) is to summarize complex data understandably.

Over the years working on Internet systems, I have seen big improvements in protecting privacy. Some of this improvement is driven by the increasing public awareness of the importance of privacy and the necessity for companies to address privacy if they want to maintain user trust. Some of this is driven by the need for regulatory compliance, initially with GDPR in Europe, but increasingly with new regulations in various countries and US states.

But what do companies actually do to respond to retain trust and keep in compliance? Let’s divide privacy protection measures into two categories: backend and frontend.

Backend privacy protection is where most of the effort has gone. Much of the work here is around data flows, identifying and controlling how personal data is transmitted through and stored in the complex infrastructure behind large modern Internet systems. While practically doing this can be a difficult engineering task, the requirements are generally well understood.

Frontend privacy protection is much more of an open problem. The areas of understanding and consensus are limited to a few areas such as what “dark patterns” should be avoided and how to create cookie consent UIs (which everyone hates). In particular, there remains the biggest unsolved problem, which is how to give people meaningful agency over how their data is used, given the systems are so complex that it is very difficult even for the engineers building and running the services to explain.

But now we see the opportunity. Explaining complex subjects is one thing that LLMs are good at.

LLM privacy transparency

One approach is, given an existing system that has personal data flowing through it, for a particular person using the system, we generate a comprehensive description of all their data and how it is used, perhaps in the context of a particular feature they are using. This raw description would be voluminous, highly technical, and perhaps might contain references to proprietary information, so it would be not at all useful or appropriate to display to the person. However an LLM, with an appropriate prompt, could summarize this raw dump in a way that could be safely and meaningfully displayed to the person. This could provide transparency, customized to the particular context. With different prompts, the LLM output format could be adjusted to match the reading level of the person, and to the size and formatting constraint of the part of the UI in which it is displayed.

This transparency is good, and it would help give a sense of agency to the person. But is there a way to take this further and additionally use LLMs to provide controls?

LLM privacy controls

Well, yes, in some cases if an LLM is incorporated into the system and helps personalize the output, then we can take advantage of the fact that the “API” of an LLM is natural language. That means that somewhere deep in the data flow is some human-meaningful text that is being ingested into an LLM. So we have an opportunity to reveal that text to the person using the system and allow them to modify it, possibly by simply adding or modifying freeform natural language text.

Of course, there are many challenges and possible hazards to using LLMs in these ways. For the transparency proposal, LLMs can hallucinate and generate incorrect summaries of personal data which could be confusing or possibly disturbing to the person. Even if the summary is factual it could present it in a biased manner, for example using gender or racial stereotypes. There is also the possibility that the summary, even if correct and unbiased, could be alarming to the person, but that is arguably a case of “working as intended”: it is better for long-term trust for the person to learn this sooner rather than later, and to thus be able to take prompt action to control how their data is used.

I’m not aware of any such systems yet launched, but I’m hoping it will happen, and in so doing harness the power of generative AI to empower people to make the appropriate trade-offs in each context for how much personal data they want to be used in return for a particular benefit.

sun

As the planet warms due to climate change, the threat of heat waves looms larger than ever. Extreme heat isn't just uncomfortable; it can be deadly, especially when combined with high humidity.

To help visualize this growing danger, I've created a new website: Dangerous Heatwaves

What Makes a Heat Wave Dangerous?

The site focuses on a key metric called the wet-bulb temperature. This isn't the temperature you see on the thermometer. Instead, it's the lowest temperature you can reach by evaporating water – a crucial concept for understanding how humans handle heat.

We cool down by sweating, a process that relies on evaporation. When the wet-bulb temperature gets too close to our body temperature, sweating becomes ineffective. That's when the risk of heatstroke and other heat-related illnesses skyrockets.

  • Low humidity: Even with high temperatures, low humidity means a lower wet-bulb temperature, reducing the danger.
  • High humidity: This is the worst-case scenario. When it's both hot and humid, the wet-bulb temperature rises, making conditions extremely hazardous.

How the Site Works

The Dangerous Heatwaves site analyzes weather forecasts for locations around the world. It highlights the areas with the highest predicted wet-bulb temperatures in the coming days, giving you a real-time snapshot of where the risk of dangerous heat is greatest.

Why This Matters

Understanding wet-bulb temperature and its impact is essential for preparedness and planning. Whether you're concerned about your health, outdoor activities, or the well-being of vulnerable populations, this tool can help you stay informed and make smart decisions in the face of extreme heat.

Fascinating swarm dynamics in this flow of ants down my driveway in Calistoga

How simple can a blogging platform be?

I tried to build a simple blog for anyone with a GitHib account.

How to use it

All you do is

  1. Fork a repo
  2. Do a small amount of configuration of your new GitHub repo
  3. Use the GitHub web UI to edit markdown files
  4. Your blog gets automatically published as GitHub pages

The GitHub repo with full instructions is at simplestblog

An example of a blog that uses this is eobrain.github.io/mysimplestblog

How it was built

It is a simple Node.js JavaScript app that is built on a simple foundation:

  • A markdown library that converts markdown to HTML
  • The Mustache library for building pages from templates

WriteFreely is a fantastic minimalist blogging platform with Fediverse integration. If you're self-hosting WriteFreely (like this blog!), it's wise to maintain backups for peace of mind. Here's how to export your WriteFreely blog using a tool I created called writefreely-export.

Prerequisites:

  1. Shell access to your WriteFreely server
  2. Node.js installed (I recommend using nvm for managing Node.js versions – installation instructions here)

Steps:

Clone the repository and cd into it:

git clone https://github.com/eobrain/writefreely-export.git
cd writefreely-export

Ensure Node.js compatibility (if using nvm):

nvm use

Finally to do the export do

npm install
npm run export

This creates a content directory containing Markdown files of your WriteFreely posts.

Using the Exported Files

One option is to import your Markdown files into a static site generator like simplestblog. This approach gives you a static backup and an alternate site. For example, this blog is mirrored at mysimplestblog.

Additional Notes:

Consider automating the export process for regular backups.

I've long admired how the Tufte CSS project allowed you to create web pages in the style the legendary Edward Tufte developed.

One improvement I've wished for is the ability to use the Tufte CSS with well-structured semantic HTML, without requiring sprinkling class attributes around the CSS.

So I forked the project and created a new one called, which you can check out at: Classless Tufte CSS.

You can try it out by including this in the <head> section of your HTML:

<link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/eobrain/classless-tufte-css@v1.0.1/tufte.min.css"/>

Your HTML requires no class attributes but should be in a standard semantic structure like this:

<body>
  <article>
    <h1> title </h1>
    <p> subtitle </p>
    <section>
       <h2> section header </h2>
       ... paragraphs, lists, code blocks, figures etc
    </section>
    <section>
    ...

The main features lost in moving to the classless form were

  • There is no automatic sidenote numbering
  • The <aside>s used to implement margin material must be between paragraphs, they cannot be embedded in the middle of a paragraph.

There are some added features though:

  • Lists that are in between paragraphs are also put in the margin.
  • The margin material does not disappear for narrow screens. Instead, it is shown inline, indented.
  • Code blocks have a subtle background shading
  • Tables have some lines

Here is a comparison of the HTML between Tufte CSS and Classless Tufte CSS, so you can see the simplification.

Tufte CSS Classless Tufte CSS
All-caps initial text ...<p><span class="newthought">A new thought</span> comes to me... ...<section><p>A new thought comes to me...
Epigraph ...<div class="epigraph"><blockquote><p>... ...</h2><blockquote><p>...
Sidenote reference <label for="sn-extensive-use-of-sidenotes" class="margin-toggle sidenote-number"></label><input type="checkbox" id="sn-extensive-use-of-sidenotes" class="margin-toggle"/>
Sidenote <span class="sidenote">This is a sidenote.</span> ...</p><aside><sup>1</sup> This is a sidenote.</aside>
Margin note <label for="mn-demo" class="margin-toggle">&#8853;</label><input type="checkbox" id="mn-demo" class="margin-toggle"/><span class="marginnote">This is a margin note. Notice there isn’t a number preceding the note.</span> ...</p><aside>This is a margin note. Notice there isn’t a number preceding the note.</aside>
Fullwidth figure ...<figure class="full-width">... </section><figure>...
iframe wrapper <figure class="iframe-wrapper"><iframe width="853" height="480" src="https://www.youtube.com/embed/YslQ2625TR4" frameborder="0" allowfullscreen></iframe></figure> <figure><iframe width="853" height="480" src="https://www.youtube.com/embed/YslQ2625TR4" frameborder="0" allowfullscreen></iframe></figure>

What prompted me to do this is that I'm currently working to convert this blog to a static version, and I wanted to use Tufte CSS for plain semantic HTML generated from markdown.

As part of my work on dealing with regulation in the EU, I’ve come to a simplistic understanding of EU governing bodies by analogy with equivalent US governing bodies:

  1. Lower House: The European Parliament is the US House of Representatives.
  2. Upper House: The European Council is the US Senate from the early US when the states directly appointed senators
  3. Executive: The European Commission is the US President and Cabinet, except there is exactly one cabinet member from each state

On both sides of the Atlantic, both the lower and upper house must agree on legislation before it is passed.

One difference is that in the EU the executive proposes legislation, but in the US it can also be proposed by the upper or lower house

Another practical difference is the US bodies have only two political parties because of the first-past-the-post voting system. In contrast, the EU bodies have many political parties because of greater diversity and more proportional voting systems.

And of course in Europe, the individual member states retain much more sovereignty than US states do (despite what Texas might think).

Update 2024-03-01, more analogs in response to a comment on BlueSky:

EU conciliation committees are US congressional conference committees, except also including some cabinet members, and with a deadline.

Trilogue is when the president invites leaders of both houses of Congress to the White House for an informal chat to move some legislation forward.

Big Tech has become pretty good at back-end data protection flows, but many problems still remain in the front-end, user-facing aspects of privacy.

Here are some hard problems that I spend my days thinking about

  1. What exactly is good consent, and how do we make sure users are giving it?
  2. How can we give average, non-technical users the agency to manage the trade-off between privacy and functionality, given how insanely complex the data systems and products are?
  3. How do we measure whether we are meeting people's privacy needs and expectations? Can we make these measurements in a way that is actionable in informing how we change our products?
  4. How can we empower particularly vulnerable people to protect themselves? (e.g. victims of domestic abuse, dissidents in repressive regimes, LGBTQ people in non-accepting cultures, people seeking abortion information in certain US states)
  5. How do we avoid adding usability burdens that reduce the product value for the majority of times when people are not particularly concerned about privacy, while still making sure they are empowered to take privacy-protective measures for sensitive user journeys?
  6. What are the privacy threat models, and what are the different ways of adding UI features to counter them? Some of the threat models can be countered by controlling data collection: such as threats from state actors subpoenaing user data. Some of the threat models can be countered by controlling data use, such as threats from people shoulder surfing or compelling physical access to devices or accounts.
  7. How do we avoid the unintended consequences of actually making people more vulnerable with well-meaning trust measures? For example, providing transparency of what we know about a user is good for empowering them to take action, but it also adds a new privacy attack vector by providing a convenient UI for a bad actor who has access to the user account. Or adding controls to allow the the user to specify topics or URLs that they consider sensitive and not to be tracked, is itself a very sensitive list that could be harmful if revealed. Or if we try to protect particularly vulnerable people by noticing they are vulnerable, that detection of their status might be privacy-invasive.